A recent report from the UK’s Chartered Institute of Internal Auditors (CIIA) on the UK public sector found that over a third of organisations did not have effective mechanisms to manage risk. As public sector organisations come under increasing pressures globally to reduce costs and improve accountability and performance, effective risk management and coordination with a strong internal audit function are critical to their success and survival. This course offers an overview of the elements of a successful integrated risk management approach by reviewing best practices in public sector risk management and Internal Audit, from the adoption of enterprise risk management to the implementation of standards issued by the Institute of Internal Auditors (IIA) in the day-to-day operation of the internal audit. Topics covered include why use enterprise risk management, approaches to enterprise risk management used by the public sector and recent updates, the IIA standards to be implemented as best practice; managing the internal audit function, risk assessment and evaluation of internal controls design and testing their operating effectiveness. We will also cover in overview the documentation process for conducting Internal Audit assignments, elements to be included in the working papers and how findings are reflected in the audit report. The course also examines how to structure an Internal Audit Department and the various skills needed with changes in the public sector environment.
The course will answer questions such as:
- What are the benefits of a coordinated, systematic approach to risk management?
- What is enterprise risk management and is it appropriate to my public sector organisation?
- What changes were introduced by the updates to ISO 31000 in 2018 and COSO ERM in 2017?
- How should risk management be devolved through the organisation?
- Why is risk management so difficult to embed successfully?
- How to structure the relationship between operational risk managers, the risk management function and internal audit?
- How does the internal audit department add values to the organization?
- Why do some internal audit departments fail to deliver effective assurance?
- How is internal audit effectiveness measured – objectively and subjectively?
- What are the key standards for internal audit?